| author | jsing <> | 2018-11-10 08:10:43 +0000 | 
|---|---|---|
| committer | jsing <> | 2018-11-10 08:10:43 +0000 | 
| commit | 30dc395e2c7210ebede648008415bd4faba1c580 (patch) | |
| tree | 6e5adbcb2249cf7f599bef39f12b8bc58417fcf9 /src/lib/libssl/tls13_handshake.c | |
| parent | 23eb946b5cec1a98fd1599f973060fc71400eb77 (diff) | |
Tweak and improve the TLSv1.3 state machine.
- Provide a tls13_handshake_active_action() function to reduce code
  duplication and replace tls13_handshake_get_sender().
- Add an INVALID message_type, so we can explicitly detect invalid
  conditions.
- Implement skeletons for the tls13_handshake_send_action() and
  tls13_handshake_recv_action() functions.
- OR in the NEGOTIATED value at the end of receiving or sending a server
  hello so that we switch to the next chain in the state table.
ok tb@
Diffstat (limited to '')
| -rw-r--r-- | src/lib/libssl/tls13_handshake.c | 70 | 
1 files changed, 46 insertions, 24 deletions
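--- a/src/lib/libssl/tls13_handshake.c
+++ b/src/lib/libssl/tls13_handshake.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls13_handshake.c,v 1.5 2018/11/10 00:38:31 tb Exp $ */
+/* $OpenBSD: tls13_handshake.c,v 1.6 2018/11/10 08:10:43 jsing Exp $ */
 /*
  * Copyright (c) 2018 Theo Buehler <tb@openbsd.org>
  *
@@ -55,17 +55,19 @@ struct tls13_handshake_action {
 };
 
 enum tls13_message_type tls13_handshake_active_state(struct tls13_ctx *ctx);
-int tls13_handshake_get_sender(struct tls13_ctx *ctx);
 
 int tls13_connect(struct tls13_ctx *ctx);
 int tls13_accept(struct tls13_ctx *ctx);
 
 int tls13_handshake_advance_state_machine(struct tls13_ctx *ctx);
 
-int tls13_handshake_send_action(struct tls13_ctx *ctx);
-int tls13_handshake_recv_action(struct tls13_ctx *ctx);
+int tls13_handshake_send_action(struct tls13_ctx *ctx,
+    struct tls13_handshake_action *action);
+int tls13_handshake_recv_action(struct tls13_ctx *ctx,
+    struct tls13_handshake_action *action);
 
 enum tls13_message_type {
+	INVALID,
 	CLIENT_HELLO,
 	CLIENT_HELLO_RETRY,
 	CLIENT_END_OF_EARLY_DATA,
@@ -282,46 +284,62 @@ tls13_handshake_active_state(struct tls13_ctx *ctx)
 	return handshakes[hs.hs_type][hs.message_number];
 }
 
-int
-tls13_handshake_get_sender(struct tls13_ctx *ctx)
+struct tls13_handshake_action *
+tls13_handshake_active_action(struct tls13_ctx *ctx)
 {
 	enum tls13_message_type mt = tls13_handshake_active_state(ctx);
-	return state_machine[mt].sender;
+	return &state_machine[mt];
 }
 
 int
 tls13_connect(struct tls13_ctx *ctx)
 {
+	struct tls13_handshake_action *action;
+
 	ctx->mode = TLS13_HS_CLIENT;
 
-	while (tls13_handshake_get_sender(ctx) != TLS13_HS_BOTH) {
-		if (tls13_handshake_get_sender(ctx) == TLS13_HS_CLIENT) {
-			if (!tls13_handshake_send_action(ctx))
+	for (;;) {
+		if ((action = tls13_handshake_active_action(ctx)) == NULL)
+			return -1;
+
+		if (action->sender == TLS13_HS_BOTH)
+			return 1;
+
+		if (action->sender == TLS13_HS_CLIENT) {
+			if (!tls13_handshake_send_action(ctx, action))
 				return 0;
 		} else {
-			if (!tls13_handshake_recv_action(ctx))
+			if (!tls13_handshake_recv_action(ctx, action))
 				return 0;
 		}
+
 		if (!tls13_handshake_advance_state_machine(ctx))
 			return 0;
 	}
-
-	return 1;
 }
 
 int
 tls13_accept(struct tls13_ctx *ctx)
 {
+	struct tls13_handshake_action *action;
+
 	ctx->mode = TLS13_HS_SERVER;
 
-	while (tls13_handshake_get_sender(ctx) != TLS13_HS_BOTH) {
-		if (tls13_handshake_get_sender(ctx) == TLS13_HS_SERVER) {
-			if (!tls13_handshake_send_action(ctx))
+	for (;;) {
+		if ((action = tls13_handshake_active_action(ctx)) == NULL)
+			return -1;
+
+		if (action->sender == TLS13_HS_BOTH)
+			return 1;
+
+		if (action->sender == TLS13_HS_SERVER) {
+			if (!tls13_handshake_send_action(ctx, action))
 				return 0;
 		} else {
-			if (!tls13_handshake_recv_action(ctx))
+			if (!tls13_handshake_recv_action(ctx, action))
 				return 0;
 		}
+
 		if (!tls13_handshake_advance_state_machine(ctx))
 			return 0;
 	}
@@ -332,22 +350,22 @@ tls13_accept(struct tls13_ctx *ctx)
 int
 tls13_handshake_advance_state_machine(struct tls13_ctx *ctx)
 {
-	if (tls13_handshake_get_sender(ctx) == TLS13_HS_BOTH)
-		return 0;
 	ctx->handshake.message_number++;
 	return 1;
 }
 
 int
-tls13_handshake_send_action(struct tls13_ctx *ctx)
+tls13_handshake_send_action(struct tls13_ctx *ctx,
+    struct tls13_handshake_action *action)
 {
-	return 1;
+	return action->send(ctx);
 }
 
 int
-tls13_handshake_recv_action(struct tls13_ctx *ctx)
+tls13_handshake_recv_action(struct tls13_ctx *ctx,
+    struct tls13_handshake_action *action)
 {
-	return 1;
+	return action->recv(ctx);
 }
 
 int
@@ -438,12 +456,16 @@ tls13_client_key_update_recv(struct tls13_ctx *ctx)
 int
 tls13_server_hello_recv(struct tls13_ctx *ctx)
 {
+	ctx->handshake.hs_type |= NEGOTIATED;
+
 	return 1;
 }
 
 int
 tls13_server_hello_send(struct tls13_ctx *ctx)
 {
+	ctx->handshake.hs_type |= NEGOTIATED;
+
 	return 1;
 }
 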
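Review bot: The `== NULL` check on tls13_handshake_active_action() in tls13_connect() and tls13_accept() can never fire, because the function returns `&state_machine[mt]` unconditionally, so the INVALID message type this commit introduces (presumably the intended trigger) never reaches the `return -1` path. Adding `if (mt == INVALID) return NULL;` before the return in tls13_handshake_active_action() would make the new check meaningful. In the same spirit, tls13_handshake_send_action() and tls13_handshake_recv_action() now call `action->send(ctx)` / `action->recv(ctx)` without checking the pointer; if any state_machine entry (the INVALID slot in particular) is left without a handler, that is a call through a NULL function pointer, so `if (action->send == NULL) return 0;` (and the recv equivalent) is worth adding. Finally, tls13_connect()/tls13_accept() return -1 for the NULL case but 0 for send/recv/advance failures, so a caller written as `if (!tls13_connect(ctx))` would treat -1 as success; settling on one failure value keeps the contract simple.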
